Technical Support Plan

Environments

We provide multiple deployment options for our products, giving our customers the flexibility to make use of all the product features by choosing the best model that suits your organization's business needs.

Contact Us

Cyware Daily Threat Intelligence February 09, 2018

New PoS malwareA new variant of a Point of Sale (PoS) malware, named UDPoS, has been detected. The malware disguises itself as a LogMeIn service pack and generates unusual amounts of DNS requests, to steal magnetic stripe payment card data. However, UDPoS appears to be less sophisticated than recent strains of PoS malware.

Cryptocurrency miningAttackers have been launching attacks, on various servers, to carry out cryptocurrency mining. However, a new attack is targeting a water utility provider in Europe. This is the first time industrial controls systems (ICS), or SCADA servers have been used to mine cryptocurrency.Experts theorize that the port of entry for the malware was via the system known as Human Machine Interface (HMI).

Top Vulnerabilities Reported in the Last 24 Hours

Flaws in Amazon's Key serviceA new way for hackers to break into a home that’s protected by Amazon Key has been found. Amazon Key lets deliverymen enter a property, using an app to unlock the door. The delivery is recorded via a web-connected camera, called the Cloud Cam. It has been found that using Raspberry Pi equipped with a battery pack and wireless dongle, the device can be hacked.

New microcode update for SkylakeIntel released a new microcode update, for Skylake processors, that can provide protection from the Spectre flaws. In the past, Intel has released a patch and withdrew it owing to rebooting issues.

Windows installer delivering LokiBotSecurity researchers have discovered that the Windows Installer service in Microsoft Windows OS is exploiting the CVE-2017-11882 vulnerability to deliver Loki infostealer. The attack uses msiexec.exe as part of the Windows Installer service to download the malware. To prevent this attack, users can disable or restrict Windows Installer.

Top Breaches Reported in the Last 24 Hours

Reddit clone siteA clone website, that appears to be Reddit site, set up by scammers managed to steal Reddit login credentials of visitors. The fake website had a valid SSL certificate and hosted on a Colombian domain, reddit.co instead of reddit.com.

DCGH’s EMR HackedCyber criminals hacked the Decatur County General Hospital (DCGH) by remotely installing software onto its electronic health record software to generate digital currency. Affected server includes personally identifiable information of around 24,000 patients. The hospital urged patients to place a fraud alert on their credit files.

To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.